renovate[bot]
commented
1 year ago β Artifact update problem
Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.
β» Renovate will retry this branch, including artifacts, only when one of the following happens:
- any of the package files in this branch needs updating, or
- the branch becomes conflicted, or
- you click the rebase/retry checkbox if found above, or
- you rename this PR's title to start with "rebase!" to trigger it manually
The artifact failure details are included below:
File name: package-lock.json
npm ERR! code ENOLOCAL
npm ERR! Could not install from "node_modules/aframe/three-bmfont-text@github:dmarcos/three-bmfont-text#1babdf8507c731a18f8af3b807292e2b9740955e" as it does not contain a package.json file.
npm ERR! A complete log of this run can be found in:
npm ERR! /tmp/renovate-cache/others/npm/_logs/2023-03-16T07_51_35_733Z-debug.log
This PR contains the following updates:
6.5.2->6.5.3GitHub Vulnerability Alerts
CVE-2022-24999
qs before 6.10.3 allows attackers to cause a Node process hang because an
__ proto__key can be used. In many typical web framework use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such asa[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4.Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.